User_friends is a default permission.
I have tried to remove for the application but the only thing that I realize is that I remove just for one user for me using:
delete user-id/permissions/user_friends.
I would like that my app to never ask this permission for all the users.
So please tell me how to proceed:
what to use at Access Token
what is the query
In API V2.0 and higher there are no default permissions other than basic_info.
Although user_friends is approved by default, unless you're including it in your app's login code, user_friends won't be part of the permissions new users are prompted to accept
Related
I want to get /{user-id}/feed from another user (user B) rather than "me" (user A), but the query returns an empty list.
I'm using the Graph API Explorer to make the queries, and I've got the Access Token with user_posts, user_status and read_stream permissions, but I can't get this information.
In this thread is said that:
Additionally the queried user needs to grant the app the read_stream permission.
In this other thread they said:
If the user is your app user authorized with read_stream permission, then you access the USER_ID/feed. It's because USER_ID/feed endpoint only available if user give permission read_stream to your app. App Access Token is not allow.
If the user is not your app user with read_stream, then you access the USER_ID/links instead. It's because no read_stream permission require to access this endpoint. App Access Token is not allow.
MY QUESTIONS:
Do I really need this other user (user B) to grant this permission to access his feed?
Where can I find official documentation saying so?
As /{user-id}/links seems to be accessible, are posts, statuses or tagged accessible too, or I just can access links without User B granting this permission?
Note:
Since the purpose is to use it in and iOS and Android App I can't use the read_stream permission, so I would use the user_posts which is supposed to be valid as they say in https://developers.facebook.com/docs/graph-api/reference/v2.3/user/feed
>
Of course, why would anyone want your App to access his newsfeed without his authorization? Keep in mind that not only the user would be able to access the feed of his friends, but the App too - which means, it would be easy for the App developer to get access.
Should be clear with number 1. Why would there even be a permission if you could just grab the feed from another user with it?
You canĀ“t get ANY data from a user without his authorization, for privacy reasons. Friend permissions are gone.
By default, user_friends is granted and approved for any new FB app.
I believe this let new users not interested as of privacy risk.
how to disable user_friends permission from my app?
Regards
Use API v2.0. In API v2.0 there is no default permissions so you need to ask exactly for the permissions you want.
In API v1.0 it is not possible to not ask for user_friends.
I ask for read_stream permission in my app. But the users can ignore that request. How can I check if the user gave me the permission?
I want that permission to be required in order to use the app.
I'm using PHP SDK
If you do this:
$facebook->api('USER_ID/permissions','GET');
You'll get the permissions the user has granted to your app
You can find more info here:
https://developers.facebook.com/docs/howtos/login/handling-revoked-permissions/
After I add a permission, the user has to remove the app and add it again, in order to grant new permission. The weird thing is that when I request a permission that the user hasn't approved, I don't get an error, but rather only an empty result set.
How do I check if the user approved a permission?
It is quite simple as you can just use the openn graph API to get that information
https://graph.facebook.com/me/permissions?access_token=....
I am using facebook PHP SDK and using that I can able to make request to facebook and get the expended permission from user. After user granted extended permission, anytime user can remove our application or revoke certain granted permission from their settings page, but there is a call back url for facebook to notify, so that and we can track who has removed our application, Suppose some one revoke certain granted permission instead of removing application, How facebook notify us to trace which permission has been revoked by the user?
Is there any other way our app to get to know, what are the permissions user has granted?
Thanks.
-Ravi
You can check if user gave some particular permission with users.hasAppPermission